When a user starts an encrypted connection to a website, the user is traditionally asked to trust two independent sources. First, the user places trust in the Certification Authority (CA), which signs the certificate of the website as being genuine. Second, the user places trust in the Internet protocol (IP) address obtained from the Domain Name System (DNS) that translates the domain name to the IP address and verifies that the IP address belongs to the website to which the user wishes to connect. The problem is that both of these sources can be compromised. Past attacks against Certification Authorities have shown that it is possible to steal a certificate, which is valid for a domain name, and which does not belong to the owner of the certificate. Ownership of a certificate alone is useless to the attacker until he is able to send the user to an alternate website that is controlled by the attacker. To reroute the user's request, the attacker manipulates the DNS response. Various methods of manipulating DNS responses include (1) DNS cache poisoning, (2) direct manipulation of the DNS records, and (3) manipulation of the local DNS storage on client side. In such an attack scenario, a user requests a website by entering a domain name. The user gets a fake DNS response and is consequently redirect to a different server that is controlled by the attacker. Since the fake server has a valid certificate, no attack indication is provided to the user. The user may then unwittingly provide sensitive or confidential information, such as bank account numbers, passwords, etc. since the user does not realize he is being attacked.